<?php
include("../../tools/session.php");
include("../../tools/controls.php");

// 如果登录失败、无权限访问，那么采取相应措施
if (!($is_login_success === true)) { session_hop_page("../index.php"); exit(); }
if (!power_check(0)) { include("tpl-inc-wp.php"); $tpl->display($oa_tpl_path . "/no-power.html"); exit(); }

/*-- 以下是实际内容 --*/
$page_status = $_POST["page_status"];
$author = $_SESSION["user"]["username"];

if (!$page_status)
{
    include("tpl-inc-wp.php");
    // $abc = array("abc" => 1, "bcd" => array("def", 1));
    // echo json_encode($abc);
    $tpl->display($oa_tpl_path . "/default/doc_template2.html");
}
elseif ($page_status == 1)
{
    include("../../tools/mysql.php");
    db_connect();
    
    $alert_str = array("Success: 数据入库成功！", "Error: 数据入库出错！");
    
    $tpl_class_id		= $_POST["tpl_class_id"];
    $type				= $_POST["type"];
    $tpl					= mysql_escape_string($_POST["tpl"]);
    $name				= $_POST["name"];
    $pic					= $_POST["pic"];
    $tpl_pars			= mysql_escape_string($_POST["tpl_pars"]);
    
    // $sql = "INSERT INTO doc_tpl(tpl_class_id, name, template, type, pic, author, create_time) ";
    // $sql .= " VALUES(" . $tpl_class_id . ", '" . $name . "', '" . $tpl . "', '" . $type . "', '" . $pic . "', '" . $author . "', NOW())";
    // echo $sql;
    $sql = "INSERT INTO doc_tpl(tpl_class_id, name, template, pars, type, pic, author, create_time) 
    		VALUES(" . $tpl_class_id . ", '" . $name . "', '" . $tpl . "', '" . $tpl_pars . "', '"
    		. $type . "', '" . $pic . "', '" . $author . "', NOW())";
    $re = db_exec($sql);		
    echo ((!$re) ? $alert_str[1] : $alert_str[0]);
     
     /*
    if ($type == 1)
    {
		$sql2 = "SELECT LAST_INSERT_ID() id";
		$re2 = db_query_once($sql2);
		$tpl_id = $re2["id"];
		$tpl_pars_sql = makeTplParsSQL($tpl_id, $tpl_pars);
		$re3 = db_exec($tpl_pars_sql);
		echo ((!re3) ? $alert_str[1] : $alert_str[0]);
    }
    */
}
elseif ($page_status == 2)
{
    include("../../tools/mysql.php");
    db_connect();
    
    header ("content-type: text/xml");
    echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
    echo "<classes>\n";
    
    $sql = "SELECT tpl_class_id, name, zh_name FROM doc_tpl_class ORDER BY sequence ASC";
    $re = db_query($sql);
    
    foreach ($re as $v)
    {
		echo "<item id=\"" . $v["tpl_class_id"] . "\" name=\"" . $v["name"] . "\" zhname=\"" . $v["zh_name"] . "\" />\n";
    }
    
    echo "</classes>\n";
}

/* 分析参数字符串，返回一个 SQL 语句 */
function makeTplParsSQL($tpl_id, $tpl_pars)
{
    $par_str = array();
    $pars_array = explode(";", $tpl_pars);
    
    foreach ($pars_array as $v)
    {
		$t = explode(",", $v);
		$size = explode("x", $t[2]);
		$par_str[] = "(" . $tpl_id . ", '" . $t[0] . "', '" . $t[1] . "', '" . $size[0] . "', '" . $size[1] . "', '" . $t[3] . "')";
    }
    
    $sql_str = "INSERT doc_tpl_pars(tpl_id, name, type, sizeX, sizeY, options) ";
    $sql_str .= " VALUES" . join(",", $par_str);
    
    return $sql_str;
}
?>
